Towards a Discipline of Mission-Aware Cloud Computing
Even as cloud computing gains rapid traction in the commercial marketplace the twin concerns of availability and security remain paramount to potential customers, especially in the enterprise. Concurrently the vision of what cyber security means is itself changing. The US Department of Defense (henceforth DoD) has recently promulgated a new doctrine of mission assurance in contrast to the earlier approach of information assurance. We argue that this concept of mission assurance is equally applicable to the commercial sector, and has high relevance to the availability and security concerns of cloud computing. While the business community may prefer alternate terms such as “business application assurance,” “business function assurance” or “mission effectiveness” we propose to stay with established DoD terminology. Our basic position is that in order to achieve mission assurance in the new paradigm of cloud computing we need to instrument the cloud with hooks and supporting protocols and mechanisms to enable deployment of mission-driven performance, resilience and security policies into the computing and communication infrastructure. The cloud must therefore evolve from its current mission-oblivious state to become mission-aware. This position paper speculates on the research challenges in making this happen.
Cloud computing remains a somewhat amorphous term but one that deﬁnitely has gained wide usage. In this paper we will more or less follow the terminology of . In particular the service models of Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) have generally become well accepted, as well as the notions of public, private and hybrid clouds. Some authors have suggested a further division of IaaS to include Hardware as a Service (Haas), Data as a Service (DaaS) and Communication as a Service (CaaS) . Others have sought to compare cloud concepts with more traditional grid, utility and distributed computing to emphasize continuity . Our basic premise is that the cloud is here to stay and we are only in the initial stages of where this technology will take us. A major driver is the promised economic beneﬁts of cloud computing  to cut costs for existing applications. A signiﬁcant aspect of the economics is the promise of elasticity on demand. Another major driver is the new set of applications and services that the cloud can enable. Some in the industry see the cloud as the place to develop the full potential of SOA  whereby existing applications and services can be easily composed in application frameworks that go beyond the current generation of PaaS. Others propose a notion of application elasticity whereby applications are deployed on resource-constrained end systems, such as mobile devices, and can migrate from device to cloud and back as determined by circumstances and preferences . Looking ahead there is speculation that a layer of cloud broker services will emerge to enable integration between cloud service providers and consumers . From our current vantage point it is impossible to say for sure how these and other anticipated developments will play out in detail. In the big picture we believe it is clear that the cloud will inﬂuence not only how existing applications are deployed in the future (in the cloud), but even more so impact how new applications and services are built and assembled in the future (in the cloud).